Y
Hacker News
new
|
ask
|
show
|
jobs
by
zahlman
138 days ago
Doesn't the browser know which script it's running?
Why can't it just deny access to the specified path, except to the extension itself?
1 comments
cxr
138 days ago
It does by default, except for the files from the extension that the extension author has explicitly designated as content-accessible. It's explained ("Using web_accessible_resources") at the other end of the link.
link